As cloud environments become increasingly popular, cloud security is an important focus. Automated processes for software installation, for instance operating system and application-level security patches, can be critical to cloud business. Traditionally, a cloud provider maintains a security patch repository of pre-evaluated patches for guest operating systems and applications. However, the increasing popularity of open-source applications and tools, user-installed applications, and diverse configurations pose a challenge to cloud security, specifically the desire to maintain potentially thousands of application patches in a smart and secure way. Some heterogeneous patches may be successfully applied, while others may not, which directly impacts the security & safety of other parts of the surrounding cloud environment.